Hybrid Active Directory threat detection and response specialist exceeds 3,000% growth over five years

Sydney Australia — 31 January, 2025 — Semperis, a pioneer in identity-driven cyber resilience, today announced it surpassed $100M in annual recurring revenue (ARR), a milestone that fewer than one in every 1,000 venture-backed enterprise software companies achieves, according to venture capital firm, Greylock Partners. Fuelling Semperis’ rapid customer growth and ascension to “centaur status” is the company’s comprehensive solution for enterprises combatting the ever-growing threat of identity-based attacks in Active Directory and Entra ID environments.

Putting Identity at the Centre of Cyber Resilience

Semperis enters its next phase of growth as the cybersecurity industry shifts from focusing primarily on attack prevention to prioritising extended coverage of the attack lifecycle with cyber resilience. This shift is partially being brought on by new regulations like the Digital Operational Resilience Act (DORA) and popular frameworks like NIST. Additionally, CISA, NSA, and other global cybersecurity agencies recently collaborated on a report sounding the alarm about Active Directory threats, compelling organizations to take corrective action to remove vulnerabilities attackers exploit as entry points to carryout malicious objectives.

“With growth of more than 100 % annually since 2021 and the dramatic increase in identity-driven cyberattacks, surpassing $100M in annual recurring revenue is a testament to the effectiveness of our solutions in protecting identity systems, the new security perimeter. We look forward to helping more companies in Australia and across Asia Pacific and Japan identify, halt and rapidly recover from threats to identity systems, such as Active Directory, Entra ID, Okta and others,” said Gerry Sillars, Semperis, Vice President, Asia Pacific & Japan.

‘Congratulations to Mickey Bresman, Gerry Sillars and the entire Semperis team for surpassing $100 million in annual recurring revenue as they have reached rarified air amongst enterprise software companies. Identity-centric cyberattacks are rapidly increasing and traditional security solutions fall short of protecting an organization’s most critical assets. Semperis has ‘best in breed’ solutions that help organisations detect, remediate and recover from identity-based attacks. I look forward to working with Semperis in 2025 to expand its presence in Australia, New Zealand and throughout Asia Pacific and Japan,’ said Malcolm Turnbull, Semperis Strategic Advisor, former Australian Prime Minister.

“Identity resilience has become the new security perimeter, making every aspect of an organisation’s digital existence existentially dependent on their identity system, most often Active Directory. And when Active Directory and other identity systems are compromised, the foundations of a business dependent on them are at unacceptable risk. Recognising the essential relationship between identity and business resilience, Semperis’ products and services are on the cutting edge of cyber use cases, setting them apart from competitors. You can’t simply bolt on identity security, because it is core to business operations and critical to sustain defence against sophisticated and motivated nation-state backed threat groups. Like business resilience, identity resilience must be addressed at the core,” said Chris Inglis, Semperis Strategic Advisor and former U.S. National Cyber Director.

Semperis’ Mission to Be a Force for Good

According to the Semperis Ransomware Risk Report 2024, 83% of surveyed organisations suffered from ransomware attacks in the previous year, with 78% of attack victims paying ransom, some multiple times. Core to Semperis’ mission to be a force for good is helping customers say no to ransomware demands. The company built several free community tools, including Purple Knight, which 30,000 users leverage for assessing Active Directory, Entra ID, and Okta vulnerabilities in enterprise environments, and Forest Druid, which discovers tier 0 attack paths.

“From our inception in 2015, we’ve been preaching the importance of putting identity at the centre of your cyber resilience strategy,” said Mickey Bresman, Semperis CEO. “The biggest brands in the world rely on us to safeguard their hybrid AD environments, which are being targeted at unprecedented levels. I’m proud to offer organisations with an alternative option to giving in to ransom demands by taking back control through comprehensive protection, from detection and response, to full on crisis recovery. We cover the entire identity attack lifecycle and provide specialised incident response support.”

The Rising Category of Identity Threat Detection and Response

Semperis is an early pioneer of Identity Threat Detection and Response (ITDR), one of the fastest-growing cybersecurity categories. Today, Gartner ranks ITDR a “top CISO trend” as organizations adopt zero-trust models and recognise the increasing frequency of attackers successfully targeting identity system vulnerabilities.

With a focus on cyber resilience, Semperis provides the industry’s most comprehensive identity system defence platform, trusted by the largest enterprises and government agencies in the world, to dramatically reduce the success rate of ransomware and other destructive attacks.

The 2024 ‘Forrester Total Economic Impact Report‘ of Semperis details the potential millions of dollars in savings for enterprises after deploying Semperis, cutting downtime by 90 percent, spending 40 percent less time manually monitoring for threats, and decreasing overall cyber risk pre, during, and post-attack.

‘KKR is proud to back the hybrid identity resilience mission of Semperis and a growing number of the largest organisations in the world trust them to defend their critical identity systems from cyberattacks. Today, the vast majority of attacks are identity-based, targeting credentials to infiltrate businesses. Semperis’ leading identity protection technology and incident response expertise are delivering category-defining innovation, not achieved by competitors,’ said Ben Pederson, KKR Director and a member of Semperis’ Board of Directors.

Leadership Expansion with IPO Experience and Other Recent Developments

Semperis recently announced new c-suite additions of Jeff Bray, Chief Financial Officer, Mike DeGaetano, Chief Revenue Officer and Annabel Lewis, Chief Legal Officer, coming from high-growth cyber companies, all with firsthand IPO and public company experience.

In June 2024, Semperis announced its latest round of strategic growth financing, $125 million from J. P. Morgan and Hercules Capital. Other recent updates include being named to Deloitte’s Technology Fast 500 List for five consecutive years and various product announcements, introducing a new SaaS offering for small to midsized businesses, and expanding its AI-powered threat detection and response capabilities.